52aa228c97b260a20e614f1d0ce423beacfdd35cd39ccc8e698746e2b126b749 | Triage

Sharing

General

Target

52aa228c97b260a20e614f1d0ce423beacfdd35cd39ccc8e698746e2b126b749
Size

44KB
Sample

221106-s1amvabfbk
MD5

090d265a4f2cec508031f40d6b40924a
SHA1

8e750b4dde886ca28efe41f0e1ff505ed859182e
SHA256

52aa228c97b260a20e614f1d0ce423beacfdd35cd39ccc8e698746e2b126b749
SHA512

866f97a31fb71397aede078af988867edafcd4720881e3419a109f0c3664708061854e5246dad9dc9c4677f97b39741d8d372ec7902c3433bc29ca3a904a72bb
SSDEEP

768:sG/Hd+9h6eXe04H7cHPHYmug6UXQm1dIZE2ocOT77e:sbMHyj6S3T77

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  52aa228c97b260a20e614f1d0ce423beacfdd35cd39ccc8e698746e2b126b749
- Size
  
  44KB
- MD5
  
  090d265a4f2cec508031f40d6b40924a
- SHA1
  
  8e750b4dde886ca28efe41f0e1ff505ed859182e
- SHA256
  
  52aa228c97b260a20e614f1d0ce423beacfdd35cd39ccc8e698746e2b126b749
- SHA512
  
  866f97a31fb71397aede078af988867edafcd4720881e3419a109f0c3664708061854e5246dad9dc9c4677f97b39741d8d372ec7902c3433bc29ca3a904a72bb
- SSDEEP
  
  768:sG/Hd+9h6eXe04H7cHPHYmug6UXQm1dIZE2ocOT77e:sbMHyj6S3T77
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence